The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Prime NCS (WAN) provides two ways to discover the devices in your network:
•Quick—Allows you to quickly discover the devices in your network based on the SNMP community string, seed IP address, and subnet mask you specify. Choose Operate > Discovery, then click Quick Discovery.
•Regular—Allows you to specify protocol, credential and filter settings for discovery and to schedule when to run the discovery job. See Changing Discovery Settings.
Step 1 Choose Operate > Discovery, then click Discovery Settings.
Step 2 Click New. Enter the settings as described in Table 8-1.
Step 3 Click:
•Save to save the settings
•Run Now to save the settings and immediately start the discovery job.
To create a discovery job to run at a future time you specify:
Step 1 Choose Operate > Discovery, then click Discovery Settings.
Step 2 Click New.
Step 3 Enter the settings as described in Table 8-1, then click Save.
Step 4 In the Discovery Settings window, select the discovery job you just created, then click Schedule.
Step 5 Enter the schedule information, then click Save.
To view the discovery process:
Step 1 Choose Operate > Discovery.
Step 2 Select the discovery job for which you want to view details and the details are shown.
The following steps explain how to repeat a discovery using your existing settings and how to monitor the job as it progresses.
Step 1 Choose Operate > Discovery.
Prime NCS (WAN) uses six protocols to discover devices:
•Ping Sweep
•Cisco Discovery Protocol (CDP)
•Routing Table
•Address Resolution Protocol (ARP)
•Border Gateway Protocol (BGP)
•Open Shortest Path First (OSPF)
You can import a CSV file to add data for the protocols. Table 8-2 describes the CSV file format for each of the protocols.
Note You can import a CSV file if you are using a supported version of Mozilla Firefox only. See Supported Browsers for more information.
It is recommended that you run discovery to update your device inventory. However, you can add devices manually as shown in the following steps:
Step 1 Choose Operate > Device Work Center, then click Add.
Step 2 Enter the required parameters.
Step 3 Click Add to add the device with the settings you specified.
If you have another management system in which your devices are imported or if you want to import a spreadsheet that contains all your devices and their attributes, you can import device information in bulk into Prime NCS (WAN).
The following task explains how to add devices in bulk from an existing CSV file.
Step 1 Choose Operate > Device Work Center, then click Bulk.
Step 2 Click the link to download a sample file that contains all the fields and descriptions for the information that must be contained in your imported file.
Step 3 Click Browse to navigate to your file, then click Import.
Step 4 Choose Tools > Task Manager > Jobs Dashboard to view the status of the import.
Step 5 Click the arrow to expand the job details and view the details and history for the import job.
Table 8-3 describes the possible reasons a device is unmanageable by Prime NCS (WAN):
|
|
---|---|
Prime NCS (WAN) cannot reach the device because the device is down or because any device along the path from the Prime NCS (WAN) server to the device is down. |
•Use the ping and traceroute tools to verify that the Prime NCS (WAN) can reach the device. See Using 360° View for more information. •If the device is reachable, verify that the retry and timeout values set for the device are sufficient. (Chose Operate > Device Work Center, select the device, then click Edit.) •Verify that SNMP is configured and enabled on the device: –If using SNMPv2, verify that the read-write community string configured on the device is the same as that entered in Prime NCS (WAN). Note The read-write community string is required. –If using SMNPv3, verify that the following parameters are configured on the device, and that the configured parameters on the device match those entered in Prime NCS (WAN): Username AuthPriv mode (noAuthNoPriv, authNoPriv, authPriv) Authentication algorithm (for example, MD5, SHA, etc.) and the authentication password Privacy algorithm (for example, AES, DES, etc.) and the privacy password •Verify that the SNMP credentials configured on the device match the SNMP credentials configured in Prime NCS (WAN). •Re-enter the SNMP credentials in Prime NCS (WAN), then resync the device. (Chose Operate > Device Work Center, select the device, then click Sync.) See Synchronizing Devices for more information. |
Prime NCS (WAN) cannot gather information from the device because Telnet or SSH is not configured on the device. |
•Verify that Telnet or SSH is configured and enabled on the device, and that the same protocol is configured on Prime NCS (WAN). (Chose Operate > Device Work Center, select the device, then click Edit.) Note If the device type requires HTTP, verify that the Prime NCS (WAN) HTTP parameters match those configured on the device. •Verify that the username, Telnet or SSH passwords, and the enable mode password for Cisco IOS devices are configured correctly on the device and that the parameters entered in Prime NCS (WAN) match those configured on the device. If you did not configure a username on the device for authentication, you can leave this field empty in Prime NCS (WAN). •Verify that the authorization level configured for the Telnet/SSH user is not limited to lower enable privilege levels. |
Restrictions were placed for SNMP through SNMP views or access lists. |
Remove any restrictions for SNMP through SNMP views or access lists. |
TACACS+ "per-command authorization" is configured on the devices, |
If TACACS+ is configured, verify the permissions for the Telnet/SSH user for the permitted CLI commands. It is recommended that you allow all CLI commands for the Prime NCS (WAN) user account; or alternatively, exclude only commands that need to be absolutely restricted. |
For more information about configuring SNMP, Telnet, and SSH on Cisco IOS devices, see:
•Cisco IOS Software Releases 12.0 T SNMPv3
•Configuring Secure Shell on Routers and Switches Running Cisco IOS
By default, Prime NCS (WAN) creates rule-based device groups and assigns devices to the appropriate Device Type folder. You cannot edit these device groups. You can view the rules for the device group by resting your cursor on the device group folder.
Device groups are logical groupings of devices. You create device groups to help you more efficiently update and manage your devices. For example, you can create a device group that includes devices that have a particular module. If you later want to configure a feature related specifically to that module, you use the device group you created to push the configuration change to all the devices contained in the group.
You can create a new group which can be one of two types:
•Static—You create and name a new device group to which you can add devices using the Add to Group button from Operate > Device Work Center.
•Dynamic—You create and name a new device group and specify the rules to which devices must comply in order to be added to this device group. See Creating a New Device Group for more information.
When you create a device group, you are distinguishing that group of devices from others in your network. For example, if you have devices that reside in different time zones, you can create device groups based on geographic regions so that the devices in one group can have a different time zone setting from the devices in another group.
In smaller deployments where all devices can be configured with the same settings, you may only need to create one general device group. This setup allows you to configure settings for the group, and then apply those settings consistently across all your devices.
Groups not only save you time when configuring multiple devices, but they also ensure that configuration settings are applied consistently across your network.
Note You cannot control which users have access to which device groups. All users can see all device groups. For role-based access control (RBAC), you need to create sites and virtual domains.
|
|
---|---|
1. Create a new device group. |
Defines general information about the new group, such as the group name and parent group assigned to this group. For more information, see Creating a New Device Group. |
2. Assign devices to the device group. |
Assigns devices to the group so they can inherit the group settings. For more information, see Assigning Devices to a Group. |
3. Perform operations on the device group. |
You can perform tasks that apply to all devices that are a member of the group. |
Table 8-4 describes how to create a new device group.
Before you create a device group, make sure you understand the unique properties that you want the group to contain. For example, you may want to set up two device groups that have different authentication settings or different time zone settings.
Note While there is no limit on the number of rules you can specify for a dynamic group, as the number of rules increases, the group update performance could become slower.
To create a dynamic device group:
Step 1 Choose Operate > Device Work Center.
Step 2 In the Groups menu on the left, click the Settings icon, then click Create Group.
Step 3 Enter the group name, group description. and select the parent group if applicable.
Step 4 Uncheck Save as a Static Group so you can specify rules to which all devices must comply to be added to the group. You can click Save as a Static Group if you want to manually add the devices to the group and not have the group be rule-based.
Step 5 Specify the rules for the devices must match.
Step 6 Click Save to add the device group with the settings you specified. The device group you created appears under the User Defined groups.
Step 1 Choose Operate > Device Work Center.
Step 2 Select the device you want to assign to a group, then click Add To Group.
Step 3 Select the group, then click:
•Save to add the device to the selected group.
•Cancel to exit without saving your changes.
You can force an inventory collection in order to sync the Prime NCS (WAN) database with the configuration currently running on a device.
Step 1 Choose Operate > Device Work Center.
Step 2 Select the device whose configuration you want synced with the configuration stored in Prime NCS (WAN) database.
Step 3 Click Sync.